I ran the emails of a few of my family through the pwned API so that I could tell them to change their passwords. I was surprised that almost everyone I reached out to was surprised by their information being out there. My interpretation was the general public is almost entirely unaware of the scope of these breaches and what they need to do as a result.
It'd be cool if there was some way of gently sharing with your friends and family whether or not they've been pwned -- maybe some kind of social network plugin or web app that generates emails for you to send to them. A key challenge would be being sensitive to their privacy, i.e., not coming off as creepy.
It'd be cool if there was some way of gently sharing with your friends and family whether or not they've been pwned -- maybe some kind of social network plugin or web app that generates emails for you to send to them. A key challenge would be being sensitive to their privacy, i.e., not coming off as creepy.